Submitted URL: https://www.telegramfraud.com/
Effective URL: https://telegramfraud.com/en
Submission: On July 14 via automatic, source certstream-suspicious — Scanned from IT

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 71 HTTP transactions. The main IP is 104.16.42.105, which belongs to CLOUDFLARENET, US. The main domain is telegramfraud.com.
TLS certificate: Issued by E5 on July 14th 2024. Valid for: 3 months.
This is the only time telegramfraud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address        AS     Autonomous System
1          1         104.19.241.93     13335  (CLOUDFLAR...)
           30        104.16.42.105     13335  (CLOUDFLAR...)
           2         151.101.193.229   54113  (FASTLY)
           4         142.250.184.200   15169  (GOOGLE)
           2         142.250.185.106   15169  (GOOGLE)
3          11        93.158.134.119    13238  (YANDEX)
           10        172.217.18.3      15169  (GOOGLE)
           2         52.216.33.137     16509  (AMAZON-02)
           2         216.239.32.36     15169  (GOOGLE)
           7         13.32.23.118      16509  (AMAZON-02)
           71        10

Requests  Apex Domain           Subdomains                                              Transfer
31        telegramfraud.com     www.telegramfraud.com                                   1 MB
                                telegramfraud.com
10        gstatic.com           fonts.gstatic.com                                       82 KB
8         yandex.com            mc.yandex.com — Cisco Umbrella Rank: 9753               4 KB
7         cloudfront.net        d1muf25xaso8hp.cloudfront.net                           34 KB
4         googletagmanager.com  www.googletagmanager.com — Cisco Umbrella Rank: 72      151 KB
3         yandex.ru             mc.yandex.ru — Cisco Umbrella Rank: 4033                70 KB
2         google-analytics.com  region1.google-analytics.com — Cisco Umbrella Rank: 2681
2         amazonaws.com         plst237.s3.amazonaws.com — Cisco Umbrella Rank: 135951  7 KB
2         googleapis.com        fonts.googleapis.com — Cisco Umbrella Rank: 74          1 KB
2         jsdelivr.net          cdn.jsdelivr.net — Cisco Umbrella Rank: 352             22 KB
71        10

Requests  Domain                         Redirects    Requested by
30        telegramfraud.com                           telegramfraud.com
10        fonts.gstatic.com                           fonts.googleapis.com
8         mc.yandex.com                  2 redirects  telegramfraud.com
                                                      mc.yandex.ru
7         d1muf25xaso8hp.cloudfront.net               telegramfraud.com
4         www.googletagmanager.com                    telegramfraud.com
3         mc.yandex.ru                   1 redirects  telegramfraud.com
2         region1.google-analytics.com                www.googletagmanager.com
2         plst237.s3.amazonaws.com                    telegramfraud.com
2         fonts.googleapis.com                        telegramfraud.com
2         cdn.jsdelivr.net                            telegramfraud.com
1         www.telegramfraud.com          1 redirects
71        11

This site contains no links.

Subject                  Issuer                                 Validity                 Valid
telegramfraud.com        E5                                     2024-07-14 - 2024-10-12  3 months
jsdelivr.net             GlobalSign Atlas R3 DV TLS CA 2023 Q3  2023-09-27 - 2024-10-28  a year
*.google-analytics.com   WR2                                    2024-06-24 - 2024-09-16  3 months
upload.video.google.com  WR2                                    2024-06-24 - 2024-09-16  3 months
mc.yandex.ru             GlobalSign ECC OV SSL CA 2018          2024-05-23 - 2024-11-02  5 months
*.gstatic.com            WR2                                    2024-06-24 - 2024-09-16  3 months
*.s3.amazonaws.com       Amazon RSA 2048 M01                    2024-04-22 - 2025-04-07  a year
*.cloudfront.net         Amazon RSA 2048 M01                    2023-10-10 - 2024-09-19  a year

This page contains 3 frames:

Primary Page: https://telegramfraud.com/en
Frame ID: 1F51B64E48A931CEABEC46445914B3EC
Requests: 71 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 8FD90BF2ABFA7735CC1436F7D6CECFDD
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 10385DDF3FF7A32DD00512A9910E0BBC
Requests: 1 HTTP requests in this frame

Page Title

Register of unreliable telegram channels and authors

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

71 Requests
92 % HTTPS
0 % IPv6
10 Domains
11 Subdomains
10 IPs
3 Countries
1546 kB Transfer
9862 kB Size
24 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.telegramfraud.com/ HTTP 301
    https://telegramfraud.com/ Page URL
  2. https://telegramfraud.com/en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.telegramfraud.com/ HTTP 301
  • https://telegramfraud.com/
Request Chain 24
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10430.vmMJ6r31dARAzVHjGNa8LTOXXc5rlejI8vUWS1IXJc2UjRaJEt4z_0lFOVyt1Vir.mW-8PbQEmoAZa4EpF6bnKfxFJZE%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10430.9ULeHuGgwV2ePGUTc7Zyy5jpiO-HmJPLuIL1wiHkJIIgqHTA0xgv2yB-wNBTRPKau3BIUm6QLdHeobPJm8R-qxqmJiMPxM3FCNNnQk1e3ruOAoD8mHdktIBm-L3zResYbzVbW8_hL24stiI1L101CV8jFAy8Kkscz-b64uArHFqpWjwbl_e7Ppv8whwu1Ti5f4PcRFUT0onp92GKEg9FnG2EidZMYR_p2VSFoaqsI70%2C.hvt-eaarUfgp4NeELbjdJFkyXtA%2C
Request Chain 26
  • https://mc.yandex.com/watch/97125067?wmode=7&page-url=https%3A%2F%2Ftelegramfraud.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ait-IT%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A889147338740%3Ahid%3A92232489%3Az%3A120%3Ai%3A20240714235541%3Aet%3A1720994139%3Ac%3A1%3Arn%3A653436805%3Arqn%3A1%3Au%3A1720994139845525914%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C204%2C829%2C3%2C606%2C0%2C%2C1134%2C0%2C%2C%2C%2C3266%3Aco%3A0%3Acpf%3A1%3Ans%3A1720994137621%3Agi%3AR0ExLjEuMTkzMjY0OTkxMC4xNzIwOTk0MTQx%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720994139%3At%3A%D0%A0%D0%B5%D0%B5%D1%81%D1%82%D1%80%20%D0%BD%D0%B5%D0%B1%D0%BB%D0%B0%D0%B3%D0%BE%D0%BD%D0%B0%D0%B4%D0%B5%D0%B6%D0%BD%D1%8B%D1%85%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D0%BE%D0%B2%20%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D1%80%D0%BE%D0%B2&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(1) HTTP 302
  • https://mc.yandex.com/watch/97125067/1?wmode=7&page-url=https%3A%2F%2Ftelegramfraud.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ait-IT%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A889147338740%3Ahid%3A92232489%3Az%3A120%3Ai%3A20240714235541%3Aet%3A1720994139%3Ac%3A1%3Arn%3A653436805%3Arqn%3A1%3Au%3A1720994139845525914%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C204%2C829%2C3%2C606%2C0%2C%2C1134%2C0%2C%2C%2C%2C3266%3Aco%3A0%3Acpf%3A1%3Ans%3A1720994137621%3Agi%3AR0ExLjEuMTkzMjY0OTkxMC4xNzIwOTk0MTQx%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720994139%3At%3A%D0%A0%D0%B5%D0%B5%D1%81%D1%82%D1%80%20%D0%BD%D0%B5%D0%B1%D0%BB%D0%B0%D0%B3%D0%BE%D0%BD%D0%B0%D0%B4%D0%B5%D0%B6%D0%BD%D1%8B%D1%85%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D0%BE%D0%B2%20%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D1%80%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

71 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
telegramfraud.com/
Redirect Chain
  • https://www.telegramfraud.com/
  • https://telegramfraud.com/
14 KB
5 KB
Document
General
Full URL
https://telegramfraud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4c95bacdf5858f6bb23d0e7ec79235ea2b4126c897cc09cb1fcffc0f7d519bf7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
8a34c2155e47baf3-MXP
content-encoding
br
content-security-policy
frame-ancestors 'none';
content-type
text/html
date
Sun, 14 Jul 2024 21:55:39 GMT
referrer-policy
origin
server
cloudflare
vary
Accept-Encoding
x-bubble-capacity-limit
0 ms slower
x-bubble-capacity-used
0.054 unit-seconds used
x-bubble-perf
{"total":53.4,"percents":{"top":{"bubble_cpu":43.8,"block":53.3,"capacity_rl":0,"other_pause":0,"pre_fiber":2.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":31.7,"appserver_cache_misses_time":0,"redis":64.5,"fiber_queue":4,"capacity_wait":3.1}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":9,"derived_cache_memory_misses":9,"serverjson":28,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":62,"fiber_queue":56,"blocks":55},"misc":{"userdb_results":1,"userdb_data":206,"spent_time":3510446}}
x-frame-options
DENY
x-powered-by
Express

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a34c2118d080e05-MXP
date
Sun, 14 Jul 2024 21:55:38 GMT
location
https://telegramfraud.com/
server
cloudflare
x-bubble-capacity-limit
0 ms slower
x-bubble-capacity-used
0.005 unit-seconds used
x-bubble-perf
{"total":7.9,"percents":{"top":{"bubble_cpu":25.6,"block":61.7,"capacity_rl":0,"other_pause":0,"pre_fiber":11.5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":33.3,"fiber_queue":6,"capacity_wait":23.8}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":6,"fiber_queue":7,"blocks":6},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":302258}}
x-powered-by
Express
early.js
telegramfraud.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/
24 KB
9 KB
Script
General
Full URL
https://telegramfraud.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b

Request headers

Referer
https://telegramfraud.com/
Origin
https://telegramfraud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:39 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":59.8,"percents":{"top":{"bubble_cpu":11.6,"block":86.9,"capacity_rl":0,"other_pause":0,"pre_fiber":0.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":9.2,"appserver_cache_misses_time":0,"redis":9.6,"fiber_queue":1.1,"capacity_wait":10.1}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":10,"blocks":9},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1041703}}
age
1130900
x-powered-by
Express
x-bubble-capacity-used
0.016 unit-seconds used
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
8a34c21abf03baf3-MXP
x-bubble-capacity-limit
0 ms slower
run.css
telegramfraud.com/package/run_css/4348e415a813276d32d0314ca46ae80dafa65c4f713c1746ffa74ef23dba47af/fraud-telegram/live/index/xfalse/xfalse/
43 KB
7 KB
Stylesheet
General
Full URL
https://telegramfraud.com/package/run_css/4348e415a813276d32d0314ca46ae80dafa65c4f713c1746ffa74ef23dba47af/fraud-telegram/live/index/xfalse/xfalse/run.css
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7ab79920c39cf58ebfeee1098db5b3ebe67f6f475d11378365b670622f643ce1

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:39 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":260.4,"percents":{"top":{"bubble_cpu":9.2,"block":85.1,"capacity_rl":0,"other_pause":0,"pre_fiber":4.9},"sub":{"pp_userdb":2.3,"pp_wait_userdb":0,"http_request":0,"serverjson":10.4,"appserver_cache_misses_time":0,"redis":26.8,"fiber_queue":11.4,"capacity_wait":3.7}},"counts":{"pp_userdb":2,"http_request":0,"derived_build":0,"derived_cache_attempts":3,"derived_cache_memory_misses":3,"serverjson":15,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":40,"fiber_queue":52,"blocks":51},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":9577990}}
cf-polished
origSize=57617
x-powered-by
Express
x-bubble-capacity-used
0.147 unit-seconds used
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
8a34c21abeffbaf3-MXP
x-bubble-capacity-limit
0 ms slower
pre_run_jquery.js
telegramfraud.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/
88 KB
32 KB
Script
General
Full URL
https://telegramfraud.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

Referer
https://telegramfraud.com/
Origin
https://telegramfraud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:39 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":110,"percents":{"top":{"bubble_cpu":7.1,"block":92.1,"capacity_rl":0,"other_pause":0,"pre_fiber":0.5},"sub":{"pp_userdb":1.8,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":10.8,"fiber_queue":5.3,"capacity_wait":1.5}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":12,"fiber_queue":15,"blocks":14},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":1169411}}
age
11417058
x-powered-by
Express
x-bubble-capacity-used
0.018 unit-seconds used
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
8a34c21abf06baf3-MXP
x-bubble-capacity-limit
0 ms slower
run.js
telegramfraud.com/package/run_js/7bb052db5df25e4da0570736f9d86bd1baf6a3d8af94aac3be23b93c539e9b0b/xfalse/x29/
3 MB
740 KB
Script
General
Full URL
https://telegramfraud.com/package/run_js/7bb052db5df25e4da0570736f9d86bd1baf6a3d8af94aac3be23b93c539e9b0b/xfalse/x29/run.js
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f82db55c28494802083b780ef42d77a2e1ff0cccbe68bbe24b6f11667fc50d65

Request headers

Referer
https://telegramfraud.com/
Origin
https://telegramfraud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:39 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":74.6,"percents":{"top":{"bubble_cpu":35,"block":59.1,"capacity_rl":0,"other_pause":0,"pre_fiber":3},"sub":{"pp_userdb":1.3,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":43.8,"fiber_queue":2.4,"capacity_wait":5.3}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":18,"fiber_queue":19,"blocks":18},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":3919071}}
age
178147
x-powered-by
Express
x-bubble-capacity-used
0.06 unit-seconds used
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
8a34c21abf08baf3-MXP
x-bubble-capacity-limit
0 ms slower
static.js
telegramfraud.com/package/static_js/6104fe6e4fb03186cf9416ccc4d13688f1270fdfe7b295fd54305a3031529a19/fraud-telegram/live/index/xnull/xfalse/xfalse/xfalse/
195 KB
45 KB
Script
General
Full URL
https://telegramfraud.com/package/static_js/6104fe6e4fb03186cf9416ccc4d13688f1270fdfe7b295fd54305a3031529a19/fraud-telegram/live/index/xnull/xfalse/xfalse/xfalse/static.js
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ea1d325eeafe148e66e088382a0c5211302cc73e3412659d54a9d2c1870fc0ab

Request headers

Referer
https://telegramfraud.com/
Origin
https://telegramfraud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:39 GMT
content-encoding
gzip
cf-cache-status
HIT
x-bubble-perf
{"total":242.2,"percents":{"top":{"bubble_cpu":17,"block":82.2,"capacity_rl":0,"other_pause":0,"pre_fiber":1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":28.7,"appserver_cache_misses_time":0,"redis":107,"fiber_queue":7,"capacity_wait":0.9}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":7,"derived_cache_memory_misses":7,"derived_cache_redis_misses":2,"serverjson":16,"appserver_cache_attempts":2,"appserver_mem_cache_hits":0,"appserver_cache_hits":2,"appserver_cache_misses":0,"redis":47,"fiber_queue":47,"blocks":46},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":6172928}}
x-powered-by
Express
x-bubble-capacity-used
0.095 unit-seconds used
alt-svc
h3=":443"; ma=86400
content-length
45638
server
cloudflare
etag
6104fe6e4fb03186cf9416ccc4d13688f1270fdfe7b295fd54305a3031529a19
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a34c21abf0abaf3-MXP
x-bubble-capacity-limit
0 ms slower
dynamic.js
telegramfraud.com/package/dynamic_js/5ce5880aea7da5a2f5e1abc8f93fcff148694e2941e9ae71ec4493fa2bf0c303/fraud-telegram/live/index/xnull/xfalse/xfalse/en_us/xfalse/xfalse/
40 KB
12 KB
Script
General
Full URL
https://telegramfraud.com/package/dynamic_js/5ce5880aea7da5a2f5e1abc8f93fcff148694e2941e9ae71ec4493fa2bf0c303/fraud-telegram/live/index/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
60f09303408bba7f15ba701c88614773cea6db875a95d6d8236d087c974a1464

Request headers

Referer
https://telegramfraud.com/
Origin
https://telegramfraud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:39 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":398.3,"percents":{"top":{"bubble_cpu":13.2,"block":87.1,"capacity_rl":0,"other_pause":0,"pre_fiber":0.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":123.4,"appserver_cache_misses_time":0,"redis":88.1,"fiber_queue":4.4,"capacity_wait":0.5}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":4,"derived_cache_memory_misses":4,"derived_cache_redis_misses":1,"serverjson":90,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":248,"fiber_queue":125,"blocks":124},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":7863690}}
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.121 unit-seconds used
timing-allow-origin
*
cf-ray
8a34c21abf0bbaf3-MXP
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
feather-icons
cdn.jsdelivr.net/npm/
74 KB
22 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/feather-icons
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ea465ac6b69a037dc49fda6ab1c585f95725091eff4515df61db91d9d3c5e54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 14 Jul 2024 21:55:39 GMT
x-content-type-options
nosniff
content-encoding
br
age
2365
x-jsd-version
4.29.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
21865
x-served-by
cache-fra-etou8220026-FRA, cache-mxp6957-MXP
x-jsd-version-type
version
etag
W/"1290f-X/pK4GwdM6kTkoZ77NToWvhCbGg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
js
www.googletagmanager.com/gtag/
307 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-64FBLDR671
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c2d10572de3dc47a1b7ddb6943cad26fe741ac92c8e32aafe74bcdd2d2e59f96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103975
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 14 Jul 2024 21:55:40 GMT
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Mono:regular%7CIBM+Plex+Mono:500%7CIBM+Plex+Mono:600%7CIBM+Plex+Mono:700%7CRaleway:regular
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f10.1e100.net
Software
ESF /
Resource Hash
cf5d4a07787b0e60ff27fc562378b50781a5f2c71174a65a50729132e008cc66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Jul 2024 21:55:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Jul 2024 21:55:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Jul 2024 21:55:39 GMT
data
telegramfraud.com/api/1.1/init/
283 B
868 B
XHR
General
Full URL
https://telegramfraud.com/api/1.1/init/data?location=https%3A%2F%2Ftelegramfraud.com%2F
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
71d6dddaee8cc5b87da191f2fd13a2575cd6bad642bf3c609c30a9c8a9886d12

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:39 GMT
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":234.4,"percents":{"top":{"bubble_cpu":3.5,"block":95.7,"capacity_rl":0,"other_pause":0,"pre_fiber":0.7},"sub":{"pp_userdb":2.6,"pp_wait_userdb":0,"http_request":0,"serverjson":176.3,"appserver_cache_misses_time":0,"redis":6.1,"fiber_queue":0.5,"capacity_wait":0.6}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":19,"fiber_queue":24,"blocks":23},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":7230050}}
server
cloudflare
x-powered-by
Express
x-bubble-capacity-used
0.111 unit-seconds used
cf-ray
8a34c21bb877baf3-MXP
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
tag.js
mc.yandex.ru/metrika/
200 KB
70 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
75dbb4380a386220610babb812bafaed50a4f983fa198851836a64d6fad2b094
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 03 Jul 2024 07:33:50 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6684fede-112d7"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
70359
expires
Sun, 14 Jul 2024 22:55:40 GMT
-F63fjptAgt5VM-kVkqdyU8n1i8q1w.woff2
fonts.gstatic.com/s/ibmplexmono/v19/
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexmono/v19/-F63fjptAgt5VM-kVkqdyU8n1i8q1w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Mono:regular%7CIBM+Plex+Mono:500%7CIBM+Plex+Mono:600%7CIBM+Plex+Mono:700%7CRaleway:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
3c5a451f9ec27a354b0c2bcca636c6ec17a651281aabf29f8427e210a1d31e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://telegramfraud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:42:21 GMT
x-content-type-options
nosniff
age
475999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14812
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:17:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:42:21 GMT
-F6qfjptAgt5VM-kVkqdyU8n3twJwlBFgg.woff2
fonts.gstatic.com/s/ibmplexmono/v19/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexmono/v19/-F6qfjptAgt5VM-kVkqdyU8n3twJwlBFgg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Mono:regular%7CIBM+Plex+Mono:500%7CIBM+Plex+Mono:600%7CIBM+Plex+Mono:700%7CRaleway:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
756026ff72eb76fd971ac4b7504cec55eef62109d2684c2cad8da32170b80b37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://telegramfraud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:16:00 GMT
x-content-type-options
nosniff
age
430780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14988
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 23:44:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 22:16:00 GMT
-F6qfjptAgt5VM-kVkqdyU8n3vAOwlBFgg.woff2
fonts.gstatic.com/s/ibmplexmono/v19/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexmono/v19/-F6qfjptAgt5VM-kVkqdyU8n3vAOwlBFgg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Mono:regular%7CIBM+Plex+Mono:500%7CIBM+Plex+Mono:600%7CIBM+Plex+Mono:700%7CRaleway:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
c4d3deb734a27e6d0dc7a6b464779f70ba1c272e26287860a14e35e85acb5b76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://telegramfraud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:46:03 GMT
x-content-type-options
nosniff
age
475777
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15704
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 23:36:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:46:03 GMT
-F6qfjptAgt5VM-kVkqdyU8n3pQPwlBFgg.woff2
fonts.gstatic.com/s/ibmplexmono/v19/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexmono/v19/-F6qfjptAgt5VM-kVkqdyU8n3pQPwlBFgg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Mono:regular%7CIBM+Plex+Mono:500%7CIBM+Plex+Mono:600%7CIBM+Plex+Mono:700%7CRaleway:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
a51b6594bdda5d76e047259fb1fcaf7af2eb227cac553b4eb1cffa8328784c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://telegramfraud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:56:03 GMT
x-content-type-options
nosniff
age
475177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14956
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 23:36:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:56:03 GMT
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v34/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Mono:regular%7CIBM+Plex+Mono:500%7CIBM+Plex+Mono:600%7CIBM+Plex+Mono:700%7CRaleway:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
3e44fb721d3be9376c6e5e946109067a04da84ae10b3f27a03ada7a3731e515c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://telegramfraud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:40:44 GMT
x-content-type-options
nosniff
age
476096
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22432
x-xss-protection
0
last-modified
Wed, 01 May 2024 20:31:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:40:44 GMT
plst.js
plst237.s3.amazonaws.com/
7 KB
7 KB
Script
General
Full URL
https://plst237.s3.amazonaws.com/plst.js
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.216.33.137 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
57329622c0571f0bc59a56da7cbbb007f53a6f69f66302fc41a99cdb429c5f8d

Request headers

Referer
https://telegramfraud.com/
Origin
https://telegramfraud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 14 Jul 2024 21:55:41 GMT
Last-Modified
Tue, 17 Oct 2023 12:19:06 GMT
Server
AmazonS3
x-amz-request-id
BVNE236REGSATTS1
ETag
"79970b50601af623894fecbbb8524041"
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
30000
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, PUT, DELETE, POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
ETag
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
6834
x-amz-id-2
FLLRsfQ+0j/ILFTtrPO79SbHSaV/F13dtbVXV2Raz7xdAZqp6YG3KjvzxXhdN8YBKOrHx51SSpQ=
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
hi
telegramfraud.com/user/
57 B
811 B
XHR
General
Full URL
https://telegramfraud.com/user/hi
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b4463de0ece918e7cac85e9df6b26b9ad845774b640104078ec970947e66d38d

Request headers

X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1720994140890x868100616844831400
X-Bubble-Fiber-ID
1720994140958x975512397908323000
X-Bubble-PL
1720994138940x865
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://telegramfraud.com/
cache-control
no-cache
Referer
https://telegramfraud.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Sun, 14 Jul 2024 21:55:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":67.7,"percents":{"top":{"bubble_cpu":6.8,"block":83.3,"capacity_rl":0,"other_pause":0,"pre_fiber":10.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":8,"appserver_cache_misses_time":0,"redis":51.3,"fiber_queue":2.1,"capacity_wait":29.9}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":12,"fiber_queue":14,"blocks":13},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":694577}}
server
cloudflare
x-bubble-appname
fraud-telegram
x-powered-by
Express
x-bubble-request-took
67
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.011 unit-seconds used
cf-ray
8a34c22518aebaf3-MXP
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
20.2 ms slower
js
www.googletagmanager.com/gtag/
127 KB
49 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=null
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
3c5ad65cef2d51a669c574a270f80caf3d55134cefabf069e0622b2de2dca6bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49656
x-xss-protection
0
last-modified
Sun, 14 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 14 Jul 2024 21:55:41 GMT
start
telegramfraud.com/workflow/
801 B
928 B
XHR
General
Full URL
https://telegramfraud.com/workflow/start
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1720994140890x868100616844831400
X-Bubble-Fiber-ID
1720994141039x258552005263764200
X-Bubble-PL
1720994138940x865
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://telegramfraud.com/
cache-control
no-cache
Referer
https://telegramfraud.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Sun, 14 Jul 2024 21:55:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":217.2,"percents":{"top":{"bubble_cpu":19,"block":79.3,"capacity_rl":0,"other_pause":0,"pre_fiber":0.6},"sub":{"pp_userdb":8.7,"pp_wait_userdb":0,"http_request":0,"serverjson":125.1,"appserver_cache_misses_time":0,"redis":29.7,"fiber_queue":3.3,"capacity_wait":0.8}},"counts":{"pp_userdb":2,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":46,"appserver_cache_attempts":2,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":1,"redis":124,"fiber_queue":120,"blocks":119},"misc":{"userdb_results":1,"userdb_data":233,"spent_time":15192482}}
server
cloudflare
x-bubble-appname
fraud-telegram
x-powered-by
Express
x-bubble-request-took
217
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.234 unit-seconds used
cf-ray
8a34c22589ebbaf3-MXP
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-64FBLDR671&gtm=45je4790v9180417855za200&_p=1720994140374&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1932649910.1720994141&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720994141&sct=1&seg=0&dl=https%3A%2F%2Ftelegramfraud.com%2F&dt=%D0%A0%D0%B5%D0%B5%D1%81%D1%82%D1%80%20%D0%BD%D0%B5%D0%B1%D0%BB%D0%B0%D0%B3%D0%BE%D0%BD%D0%B0%D0%B4%D0%B5%D0%B6%D0%BD%D1%8B%D1%85%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D0%BE%D0%B2%20%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D1%80%D0%BE%D0%B2&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1206&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-64FBLDR671
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jul 2024 21:55:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://telegramfraud.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
telegramfraud.com/user/
4 B
573 B
XHR
General
Full URL
https://telegramfraud.com/user/m
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

X-Bubble-Fiber-ID
1720994141224x453386763697857500
X-Bubble-PL
1720994138940x865
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://telegramfraud.com/
cache-control
no-cache
Referer
https://telegramfraud.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Sun, 14 Jul 2024 21:55:41 GMT
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":16.5,"percents":{"top":{"bubble_cpu":26.5,"block":66.7,"capacity_rl":0,"other_pause":0,"pre_fiber":5.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":27.9,"fiber_queue":3.3,"capacity_wait":12.4}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":10,"fiber_queue":13,"blocks":12},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":657911}}
server
cloudflare
x-powered-by
Express
x-bubble-capacity-used
0.01 unit-seconds used
cf-ray
8a34c226cbc3baf3-MXP
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10430.vmMJ6r31dARAzVHjGNa8LTOXXc5rlejI8vUWS1IXJc2UjRaJEt4z_0lFOVyt1Vir.mW-8PbQEmoAZa4EpF6bnKfxFJZE%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10430.9ULeHuGgwV2ePGUTc7Zyy5jpiO-HmJPLuIL1wiHkJIIgqHTA0xgv2yB-wNBTRPKau3BIUm6QLdHeobPJm8R-qxqmJiMPxM3FCNNnQk1e3ruOAoD8mHdktIBm-L3zResYbzVbW8_hL2...
43 B
668 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10430.9ULeHuGgwV2ePGUTc7Zyy5jpiO-HmJPLuIL1wiHkJIIgqHTA0xgv2yB-wNBTRPKau3BIUm6QLdHeobPJm8R-qxqmJiMPxM3FCNNnQk1e3ruOAoD8mHdktIBm-L3zResYbzVbW8_hL24stiI1L101CV8jFAy8Kkscz-b64uArHFqpWjwbl_e7Ppv8whwu1Ti5f4PcRFUT0onp92GKEg9FnG2EidZMYR_p2VSFoaqsI70%2C.hvt-eaarUfgp4NeELbjdJFkyXtA%2C
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/
Protocol
H2
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:41 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10430.9ULeHuGgwV2ePGUTc7Zyy5jpiO-HmJPLuIL1wiHkJIIgqHTA0xgv2yB-wNBTRPKau3BIUm6QLdHeobPJm8R-qxqmJiMPxM3FCNNnQk1e3ruOAoD8mHdktIBm-L3zResYbzVbW8_hL24stiI1L101CV8jFAy8Kkscz-b64uArHFqpWjwbl_e7Ppv8whwu1Ti5f4PcRFUT0onp92GKEg9FnG2EidZMYR_p2VSFoaqsI70%2C.hvt-eaarUfgp4NeELbjdJFkyXtA%2C
date
Sun, 14 Jul 2024 21:55:41 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
598 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:41 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 03 Jul 2024 07:33:50 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6684fede-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 14 Jul 2024 22:55:41 GMT
1
mc.yandex.com/watch/97125067/
Redirect Chain
  • https://mc.yandex.com/watch/97125067?wmode=7&page-url=https%3A%2F%2Ftelegramfraud.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Al...
  • https://mc.yandex.com/watch/97125067/1?wmode=7&page-url=https%3A%2F%2Ftelegramfraud.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3...
447 B
539 B
Fetch
General
Full URL
https://mc.yandex.com/watch/97125067/1?wmode=7&page-url=https%3A%2F%2Ftelegramfraud.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ait-IT%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A889147338740%3Ahid%3A92232489%3Az%3A120%3Ai%3A20240714235541%3Aet%3A1720994139%3Ac%3A1%3Arn%3A653436805%3Arqn%3A1%3Au%3A1720994139845525914%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C204%2C829%2C3%2C606%2C0%2C%2C1134%2C0%2C%2C%2C%2C3266%3Aco%3A0%3Acpf%3A1%3Ans%3A1720994137621%3Agi%3AR0ExLjEuMTkzMjY0OTkxMC4xNzIwOTk0MTQx%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720994139%3At%3A%D0%A0%D0%B5%D0%B5%D1%81%D1%82%D1%80%20%D0%BD%D0%B5%D0%B1%D0%BB%D0%B0%D0%B3%D0%BE%D0%BD%D0%B0%D0%B4%D0%B5%D0%B6%D0%BD%D1%8B%D1%85%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D0%BE%D0%B2%20%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D1%80%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
Protocol
H2
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
73ce6556ec48522fbf649d6e047b3b46233ef9e2afbd0455dac4edbba13dbe36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jul 2024 21:55:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sun, 14-Jul-2024 21:55:41 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://telegramfraud.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
447
x-xss-protection
1; mode=block
expires
Sun, 14-Jul-2024 21:55:41 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Jul 2024 21:55:41 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 14-Jul-2024 21:55:41 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/97125067/1?wmode=7&page-url=https%3A%2F%2Ftelegramfraud.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ait-IT%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A889147338740%3Ahid%3A92232489%3Az%3A120%3Ai%3A20240714235541%3Aet%3A1720994139%3Ac%3A1%3Arn%3A653436805%3Arqn%3A1%3Au%3A1720994139845525914%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C204%2C829%2C3%2C606%2C0%2C%2C1134%2C0%2C%2C%2C%2C3266%3Aco%3A0%3Acpf%3A1%3Ans%3A1720994137621%3Agi%3AR0ExLjEuMTkzMjY0OTkxMC4xNzIwOTk0MTQx%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720994139%3At%3A%D0%A0%D0%B5%D0%B5%D1%81%D1%82%D1%80%20%D0%BD%D0%B5%D0%B1%D0%BB%D0%B0%D0%B3%D0%BE%D0%BD%D0%B0%D0%B4%D0%B5%D0%B6%D0%BD%D1%8B%D1%85%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D0%BE%D0%B2%20%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D1%80%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
access-control-allow-origin
https://telegramfraud.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 14-Jul-2024 21:55:41 GMT
https%3A%2F%2Fac28f1ae4aac704c41592fda08d4ed56.cdn.bubble.io%2Ff1713267793663x429426331715707200%2Ffavicon.png
d1muf25xaso8hp.cloudfront.net/
3 KB
4 KB
Other
General
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fac28f1ae4aac704c41592fda08d4ed56.cdn.bubble.io%2Ff1713267793663x429426331715707200%2Ffavicon.png?w=128&h=&auto=compress&dpr=1&fit=max
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-118.fra56.r.cloudfront.net
Software
imgix /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:42 GMT
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C2
age
713131
x-cache
Miss from cloudfront
x-imgix-id
08bd4d104446728a3772357543498bb1b6a7502d
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3280
x-served-by
cache-sjc10036-SJC, cache-fra-etou8220136-FRA
last-modified
Sat, 06 Jul 2024 15:50:10 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
BjPD-C5mJChjqXBcbr3NJj6LmaNF5H6JxJlCtnyKvKRhZoalUit-yg==
metrika_match.html
mc.yandex.com/metrika/ Frame 8FD9
0
0
Document
General
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://telegramfraud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1048
content-type
text/html
date
Sun, 14 Jul 2024 21:55:42 GMT
etag
"6684fede-418"
expires
Sun, 14 Jul 2024 22:55:42 GMT
last-modified
Wed, 03 Jul 2024 07:33:50 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
mget
telegramfraud.com/elasticsearch/
341 B
809 B
XHR
General
Full URL
https://telegramfraud.com/elasticsearch/mget
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

X-Bubble-Fiber-ID
1720994141877x140162989896685180
X-Bubble-PL
1720994138940x865
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://telegramfraud.com/
cache-control
no-cache
Referer
https://telegramfraud.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Sun, 14 Jul 2024 21:55:42 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":25.2,"percents":{"top":{"bubble_cpu":28.1,"block":62.8,"capacity_rl":0,"other_pause":0,"pre_fiber":5.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":21.1,"appserver_cache_misses_time":0,"redis":54.7,"fiber_queue":3.7,"capacity_wait":5.7}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":5,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":17,"fiber_queue":19,"blocks":18},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1060602}}
server
cloudflare
x-bubble-appname
fraud-telegram
x-powered-by
Express
x-bubble-request-took
25
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.016 unit-seconds used
cf-ray
8a34c22afa56baf3-MXP
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
Primary Request en
telegramfraud.com/
14 KB
5 KB
Document
General
Full URL
https://telegramfraud.com/en
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/package/run_js/7bb052db5df25e4da0570736f9d86bd1baf6a3d8af94aac3be23b93c539e9b0b/xfalse/x29/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
dea9e670c8ec233b28ab876967c3f76f7b37f4d99dcdd4d1b3eda515fd594074
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options DENY

Request headers

Referer
https://telegramfraud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
8a34c22c0c0bbaf3-MXP
content-encoding
br
content-security-policy
frame-ancestors 'none';
content-type
text/html
date
Sun, 14 Jul 2024 21:55:42 GMT
referrer-policy
origin
server
cloudflare
vary
Accept-Encoding
x-bubble-capacity-limit
0 ms slower
x-bubble-capacity-used
0.132 unit-seconds used
x-bubble-perf
{"total":325.2,"percents":{"top":{"bubble_cpu":17.6,"block":81.8,"capacity_rl":0,"other_pause":0,"pre_fiber":0.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":97.1,"appserver_cache_misses_time":0,"redis":41.5,"fiber_queue":2,"capacity_wait":0.4}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":9,"derived_cache_memory_misses":9,"derived_cache_redis_misses":5,"serverjson":40,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":131,"fiber_queue":108,"blocks":107},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":8579644}}
x-frame-options
DENY
x-powered-by
Express
apm
telegramfraud.com/user/
4 B
530 B
XHR
General
Full URL
https://telegramfraud.com/user/apm
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

X-Bubble-Fiber-ID
1720994142242x922546733896967000
X-Bubble-PL
1720994138940x865
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://telegramfraud.com/
cache-control
no-cache
Referer
https://telegramfraud.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Sun, 14 Jul 2024 21:55:42 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":16.4,"percents":{"top":{"bubble_cpu":30.1,"block":38.9,"capacity_rl":0,"other_pause":0,"pre_fiber":33.6},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":20.6,"fiber_queue":29.8,"capacity_wait":11.4}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":10,"fiber_queue":12,"blocks":11},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":737817}}
server
cloudflare
x-bubble-appname
fraud-telegram
x-powered-by
Express
x-bubble-request-took
17
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.011 unit-seconds used
cf-ray
8a34c22d2e4ebaf3-MXP
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
collect
region1.google-analytics.com/g/
0
0

97125067
mc.yandex.com/webvisor/
0
0

97125067
mc.yandex.com/webvisor/
0
0

early.js
telegramfraud.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/
24 KB
0
Script
General
Full URL
https://telegramfraud.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b

Request headers

Referer
https://telegramfraud.com/
Origin
https://telegramfraud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:39 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":59.8,"percents":{"top":{"bubble_cpu":11.6,"block":86.9,"capacity_rl":0,"other_pause":0,"pre_fiber":0.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":9.2,"appserver_cache_misses_time":0,"redis":9.6,"fiber_queue":1.1,"capacity_wait":10.1}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":10,"blocks":9},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1041703}}
age
1130900
x-powered-by
Express
x-bubble-capacity-used
0.016 unit-seconds used
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
8a34c21abf03baf3-MXP
x-bubble-capacity-limit
0 ms slower
run.css
telegramfraud.com/package/run_css/89ef2af7b89418548622a7e486e8ff033a6f6fbbb7ae2bdb8d9cb2c3993872be/fraud-telegram/live/en/xfalse/xfalse/
73 KB
14 KB
Stylesheet
General
Full URL
https://telegramfraud.com/package/run_css/89ef2af7b89418548622a7e486e8ff033a6f6fbbb7ae2bdb8d9cb2c3993872be/fraud-telegram/live/en/xfalse/xfalse/run.css
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d2fc453332fe9cf71ff64eddb765d68edb8747e8fcf144949b5480f4b85bfa23

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:43 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":71.1,"percents":{"top":{"bubble_cpu":25.1,"block":71,"capacity_rl":0,"other_pause":0,"pre_fiber":1.5},"sub":{"pp_userdb":1.4,"pp_wait_userdb":0,"http_request":0,"serverjson":11.4,"appserver_cache_misses_time":0,"redis":27.9,"fiber_queue":2.5,"capacity_wait":1.7}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":13,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":32,"fiber_queue":37,"blocks":36},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":2676205}}
cf-polished
origSize=95469
x-powered-by
Express
x-bubble-capacity-used
0.041 unit-seconds used
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
8a34c2307b8ebaf3-MXP
x-bubble-capacity-limit
0 ms slower
pre_run_jquery.js
telegramfraud.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/
88 KB
0
Script
General
Full URL
https://telegramfraud.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

Referer
https://telegramfraud.com/
Origin
https://telegramfraud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:39 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":110,"percents":{"top":{"bubble_cpu":7.1,"block":92.1,"capacity_rl":0,"other_pause":0,"pre_fiber":0.5},"sub":{"pp_userdb":1.8,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":10.8,"fiber_queue":5.3,"capacity_wait":1.5}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":12,"fiber_queue":15,"blocks":14},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":1169411}}
age
11417058
x-powered-by
Express
x-bubble-capacity-used
0.018 unit-seconds used
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
8a34c21abf06baf3-MXP
x-bubble-capacity-limit
0 ms slower
run.js
telegramfraud.com/package/run_js/7bb052db5df25e4da0570736f9d86bd1baf6a3d8af94aac3be23b93c539e9b0b/xfalse/x29/
3 MB
0
Script
General
Full URL
https://telegramfraud.com/package/run_js/7bb052db5df25e4da0570736f9d86bd1baf6a3d8af94aac3be23b93c539e9b0b/xfalse/x29/run.js
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f82db55c28494802083b780ef42d77a2e1ff0cccbe68bbe24b6f11667fc50d65

Request headers

Referer
https://telegramfraud.com/
Origin
https://telegramfraud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:39 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":74.6,"percents":{"top":{"bubble_cpu":35,"block":59.1,"capacity_rl":0,"other_pause":0,"pre_fiber":3},"sub":{"pp_userdb":1.3,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":43.8,"fiber_queue":2.4,"capacity_wait":5.3}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":18,"fiber_queue":19,"blocks":18},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":3919071}}
age
178147
x-powered-by
Express
x-bubble-capacity-used
0.06 unit-seconds used
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
8a34c21abf08baf3-MXP
x-bubble-capacity-limit
0 ms slower
static.js
telegramfraud.com/package/static_js/77f73d89810f262b3e43ac58e35d908d46e452b9da5a103f51c695c0d726887b/fraud-telegram/live/en/xnull/xfalse/xfalse/xfalse/
195 KB
47 KB
Script
General
Full URL
https://telegramfraud.com/package/static_js/77f73d89810f262b3e43ac58e35d908d46e452b9da5a103f51c695c0d726887b/fraud-telegram/live/en/xnull/xfalse/xfalse/xfalse/static.js
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
933669d020d445dfd2e6d6a2861c8af584274cb9c89401ed08379a83189aba55

Request headers

Referer
https://telegramfraud.com/
Origin
https://telegramfraud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:43 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":198.3,"percents":{"top":{"bubble_cpu":15.5,"block":84.3,"capacity_rl":0,"other_pause":0,"pre_fiber":0.7},"sub":{"pp_userdb":1,"pp_wait_userdb":0,"http_request":0,"serverjson":20.1,"appserver_cache_misses_time":0,"redis":29.2,"fiber_queue":1.2,"capacity_wait":0.7}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":7,"derived_cache_memory_misses":7,"derived_cache_redis_misses":1,"serverjson":30,"appserver_cache_attempts":2,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":1,"redis":56,"fiber_queue":57,"blocks":56},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":4607484}}
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.071 unit-seconds used
timing-allow-origin
*
cf-ray
8a34c2307b93baf3-MXP
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
dynamic.js
telegramfraud.com/package/dynamic_js/54b5ee77f30cb0b4a57fe00a3310a1badf0c7870401a01d7f393fde408867bde/fraud-telegram/live/en/xnull/xfalse/xfalse/en_us/xfalse/xfalse/
341 KB
44 KB
Script
General
Full URL
https://telegramfraud.com/package/dynamic_js/54b5ee77f30cb0b4a57fe00a3310a1badf0c7870401a01d7f393fde408867bde/fraud-telegram/live/en/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6fa74877b314e2853632b2a119d3db03ff6d178355ce5c810ade127f1c2d54d8

Request headers

Referer
https://telegramfraud.com/
Origin
https://telegramfraud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:43 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":166.8,"percents":{"top":{"bubble_cpu":10.2,"block":89.7,"capacity_rl":0,"other_pause":0,"pre_fiber":0.4},"sub":{"pp_userdb":1.2,"pp_wait_userdb":0,"http_request":0,"serverjson":35.1,"appserver_cache_misses_time":0,"redis":23.3,"fiber_queue":4.6,"capacity_wait":1}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":8,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":32,"fiber_queue":36,"blocks":35},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":2557843}}
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.039 unit-seconds used
timing-allow-origin
*
cf-ray
8a34c2307b94baf3-MXP
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
feather-icons
cdn.jsdelivr.net/npm/
74 KB
0
Script
General
Full URL
https://cdn.jsdelivr.net/npm/feather-icons
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ea465ac6b69a037dc49fda6ab1c585f95725091eff4515df61db91d9d3c5e54e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
2365
x-jsd-version
4.29.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
21865
x-served-by
cache-fra-etou8220026-FRA, cache-mxp6957-MXP
x-jsd-version-type
version
etag
W/"1290f-X/pK4GwdM6kTkoZ77NToWvhCbGg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
js
www.googletagmanager.com/gtag/
307 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-64FBLDR671
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c2d10572de3dc47a1b7ddb6943cad26fe741ac92c8e32aafe74bcdd2d2e59f96
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:40 GMT
content-encoding
br
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103975
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 14 Jul 2024 21:55:40 GMT
css
fonts.googleapis.com/
9 KB
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Mono:regular%7CIBM+Plex+Mono:500%7CIBM+Plex+Mono:600%7CIBM+Plex+Mono:700%7CRaleway:regular
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f10.1e100.net
Software
ESF /
Resource Hash
cf5d4a07787b0e60ff27fc562378b50781a5f2c71174a65a50729132e008cc66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Jul 2024 21:55:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Jul 2024 21:55:39 GMT
data
telegramfraud.com/api/1.1/init/
313 B
896 B
XHR
General
Full URL
https://telegramfraud.com/api/1.1/init/data?location=https%3A%2F%2Ftelegramfraud.com%2Fen
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
adbaafb069aa9044371c0a6e0d8625927b21d206f0ed6b13ccc4847b6467cd69

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:43 GMT
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":15.6,"percents":{"top":{"bubble_cpu":32.6,"block":58.7,"capacity_rl":0,"other_pause":0,"pre_fiber":7.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":29.5,"appserver_cache_misses_time":0,"redis":46.5,"fiber_queue":3.9,"capacity_wait":7.7}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":15,"fiber_queue":17,"blocks":16},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":763801}}
server
cloudflare
x-powered-by
Express
x-bubble-capacity-used
0.012 unit-seconds used
cf-ray
8a34c2310c59baf3-MXP
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
-F63fjptAgt5VM-kVkqdyU8n1i8q1w.woff2
fonts.gstatic.com/s/ibmplexmono/v19/
14 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexmono/v19/-F63fjptAgt5VM-kVkqdyU8n1i8q1w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Mono:regular%7CIBM+Plex+Mono:500%7CIBM+Plex+Mono:600%7CIBM+Plex+Mono:700%7CRaleway:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
3c5a451f9ec27a354b0c2bcca636c6ec17a651281aabf29f8427e210a1d31e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://telegramfraud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:42:21 GMT
x-content-type-options
nosniff
age
475999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14812
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:17:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:42:21 GMT
-F6qfjptAgt5VM-kVkqdyU8n3twJwlBFgg.woff2
fonts.gstatic.com/s/ibmplexmono/v19/
15 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexmono/v19/-F6qfjptAgt5VM-kVkqdyU8n3twJwlBFgg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Mono:regular%7CIBM+Plex+Mono:500%7CIBM+Plex+Mono:600%7CIBM+Plex+Mono:700%7CRaleway:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
756026ff72eb76fd971ac4b7504cec55eef62109d2684c2cad8da32170b80b37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://telegramfraud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:16:00 GMT
x-content-type-options
nosniff
age
430780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14988
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 23:44:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 22:16:00 GMT
-F6qfjptAgt5VM-kVkqdyU8n3vAOwlBFgg.woff2
fonts.gstatic.com/s/ibmplexmono/v19/
15 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexmono/v19/-F6qfjptAgt5VM-kVkqdyU8n3vAOwlBFgg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Mono:regular%7CIBM+Plex+Mono:500%7CIBM+Plex+Mono:600%7CIBM+Plex+Mono:700%7CRaleway:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
c4d3deb734a27e6d0dc7a6b464779f70ba1c272e26287860a14e35e85acb5b76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://telegramfraud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:46:03 GMT
x-content-type-options
nosniff
age
475777
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15704
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 23:36:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:46:03 GMT
-F6qfjptAgt5VM-kVkqdyU8n3pQPwlBFgg.woff2
fonts.gstatic.com/s/ibmplexmono/v19/
15 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexmono/v19/-F6qfjptAgt5VM-kVkqdyU8n3pQPwlBFgg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Mono:regular%7CIBM+Plex+Mono:500%7CIBM+Plex+Mono:600%7CIBM+Plex+Mono:700%7CRaleway:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
a51b6594bdda5d76e047259fb1fcaf7af2eb227cac553b4eb1cffa8328784c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://telegramfraud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:56:03 GMT
x-content-type-options
nosniff
age
475177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14956
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 23:36:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:56:03 GMT
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v34/
22 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Mono:regular%7CIBM+Plex+Mono:500%7CIBM+Plex+Mono:600%7CIBM+Plex+Mono:700%7CRaleway:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
3e44fb721d3be9376c6e5e946109067a04da84ae10b3f27a03ada7a3731e515c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://telegramfraud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:40:44 GMT
x-content-type-options
nosniff
age
476096
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22432
x-xss-protection
0
last-modified
Wed, 01 May 2024 20:31:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:40:44 GMT
tag.js
mc.yandex.ru/metrika/
200 KB
0
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
75dbb4380a386220610babb812bafaed50a4f983fa198851836a64d6fad2b094

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:40 GMT
content-encoding
br
last-modified
Wed, 03 Jul 2024 07:33:50 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6684fede-112d7"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
70359
expires
Sun, 14 Jul 2024 22:55:40 GMT
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
plst.js
plst237.s3.amazonaws.com/
7 KB
0
Script
General
Full URL
https://plst237.s3.amazonaws.com/plst.js
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.216.33.137 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
57329622c0571f0bc59a56da7cbbb007f53a6f69f66302fc41a99cdb429c5f8d

Request headers

Referer
https://telegramfraud.com/
Origin
https://telegramfraud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 14 Jul 2024 21:55:41 GMT
Last-Modified
Tue, 17 Oct 2023 12:19:06 GMT
Server
AmazonS3
x-amz-request-id
BVNE236REGSATTS1
ETag
"79970b50601af623894fecbbb8524041"
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
30000
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, PUT, DELETE, POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
ETag
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
6834
x-amz-id-2
FLLRsfQ+0j/ILFTtrPO79SbHSaV/F13dtbVXV2Raz7xdAZqp6YG3KjvzxXhdN8YBKOrHx51SSpQ=
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-64FBLDR671&gtm=45je4790v9180417855za200&_p=1720994143352&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1932649910.1720994141&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720994141&sct=1&seg=1&dl=https%3A%2F%2Ftelegramfraud.com%2Fen&dr=https%3A%2F%2Ftelegramfraud.com%2F&dt=Register%20of%20unreliable%20telegram%20channels%20and%20authors&en=page_view&_ee=1&tfd=348&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-64FBLDR671
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jul 2024 21:55:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://telegramfraud.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fontawesome-4.7.0.svg
telegramfraud.com/static/icon_libraries/
611 KB
175 KB
Other
General
Full URL
https://telegramfraud.com/static/icon_libraries/fontawesome-4.7.0.svg
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/package/run_js/7bb052db5df25e4da0570736f9d86bd1baf6a3d8af94aac3be23b93c539e9b0b/xfalse/x29/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c2f9c20b292ec88ccd8daef3d2fb2ccf68b3b10bfc50a400cf6abab05c919ee9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-bubble-perf
{"total":17.7,"percents":{"top":{"bubble_cpu":35.8,"block":53.8,"capacity_rl":0,"other_pause":0,"pre_fiber":8.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":30.1,"fiber_queue":5.6,"capacity_wait":13.7}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":10,"fiber_queue":13,"blocks":12},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":949256}}
age
1562459
x-powered-by
Express
x-bubble-capacity-used
0.015 unit-seconds used
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
8a34c235bc16baf3-MXP
x-bubble-capacity-limit
0 ms slower
hi
telegramfraud.com/user/
57 B
759 B
XHR
General
Full URL
https://telegramfraud.com/user/hi
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b4463de0ece918e7cac85e9df6b26b9ad845774b640104078ec970947e66d38d

Request headers

X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1720994143434x477635142686095400
X-Bubble-Fiber-ID
1720994144048x575607852248173400
X-Bubble-PL
1720994142364x238
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://telegramfraud.com/en
cache-control
no-cache
Referer
https://telegramfraud.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Sun, 14 Jul 2024 21:55:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":12.1,"percents":{"top":{"bubble_cpu":33.4,"block":61.8,"capacity_rl":0,"other_pause":0,"pre_fiber":4.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":20.2,"appserver_cache_misses_time":0,"redis":45.3,"fiber_queue":5.1,"capacity_wait":10.5}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":12,"fiber_queue":14,"blocks":13},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":607023}}
server
cloudflare
x-bubble-appname
fraud-telegram
x-powered-by
Express
x-bubble-request-took
12
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.009 unit-seconds used
cf-ray
8a34c2386842baf3-MXP
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
https%3A%2F%2Fac28f1ae4aac704c41592fda08d4ed56.cdn.bubble.io%2Ff1710624986870x143343342989221700%2F283d0b47-6790-404c-b642-88e2679c11ac.webp
d1muf25xaso8hp.cloudfront.net/
2 KB
2 KB
Image
General
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fac28f1ae4aac704c41592fda08d4ed56.cdn.bubble.io%2Ff1710624986870x143343342989221700%2F283d0b47-6790-404c-b642-88e2679c11ac.webp?w=96&h=96&auto=compress&dpr=1&fit=max
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-118.fra56.r.cloudfront.net
Software
imgix /
Resource Hash
03da4172eecc330846a9d7c056c18a2bb88c49c5ddfd68a60035ec70af715335
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:44 GMT
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C2
age
0
x-cache
Miss from cloudfront
x-imgix-id
aba840b8c3fd66dda385e721fddf3e1bf099daf6
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1981
x-served-by
cache-sjc1000104-SJC, cache-fra-etou8220094-FRA
last-modified
Sun, 14 Jul 2024 21:55:44 GMT
server
imgix
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
FwonGjwI2I6ScOL_Et2F9I3VeIGNjkj5FsPujt6mQblqOtcke19bmA==
https%3A%2F%2Fac28f1ae4aac704c41592fda08d4ed56.cdn.bubble.io%2Ff1710620967265x818431606343276500%2F5c91dc58-a7dd-4e69-b402-820c20d881c9.webp
d1muf25xaso8hp.cloudfront.net/
25 KB
26 KB
Image
General
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fac28f1ae4aac704c41592fda08d4ed56.cdn.bubble.io%2Ff1710620967265x818431606343276500%2F5c91dc58-a7dd-4e69-b402-820c20d881c9.webp?w=384&h=384&auto=compress&dpr=1&fit=max
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-118.fra56.r.cloudfront.net
Software
imgix /
Resource Hash
9bd0279b23e2566c3cde07f58324401e0c5659a3f61ccf74699780748ae8a3a5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:44 GMT
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C2
age
833889
x-cache
Miss from cloudfront
x-imgix-id
fdaf5b17d8e5edc58a8e6d13499a9f76dedba5b6
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25622
x-served-by
cache-sjc1000091-SJC, cache-fra-eddf8230116-FRA
last-modified
Fri, 05 Jul 2024 06:17:34 GMT
server
imgix
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
pya8bo_XeQo94a1elJFA2S_wNHta3mlJ676X84zclSq-Mnxdo7kXzQ==
js
www.googletagmanager.com/gtag/
127 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=null
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
3c5ad65cef2d51a669c574a270f80caf3d55134cefabf069e0622b2de2dca6bb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:41 GMT
content-encoding
br
last-modified
Sun, 14 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
49656
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 14 Jul 2024 21:55:41 GMT
msearch
telegramfraud.com/elasticsearch/
14 KB
6 KB
XHR
General
Full URL
https://telegramfraud.com/elasticsearch/msearch
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4d9912b379f5cc67b1ba842ad7c8ac713fbc726c50d577bbd22ad73d3875adab

Request headers

X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1720994143434x477635142686095400
X-Bubble-Fiber-ID
1720994144199x484736771075080500
X-Bubble-PL
1720994142364x238
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://telegramfraud.com/en
cache-control
no-cache
Referer
https://telegramfraud.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Sun, 14 Jul 2024 21:55:44 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":47.1,"percents":{"top":{"bubble_cpu":19,"block":76.8,"capacity_rl":0,"other_pause":0,"pre_fiber":2.4},"sub":{"pp_userdb":29.7,"pp_wait_userdb":0,"http_request":0,"serverjson":61.9,"appserver_cache_misses_time":0,"redis":34.5,"fiber_queue":2.8,"capacity_wait":2.6}},"counts":{"pp_userdb":2,"http_request":0,"derived_build":0,"serverjson":7,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":31,"fiber_queue":30,"blocks":29},"misc":{"userdb_results":4,"userdb_data":18764,"spent_time":6345727}}
server
cloudflare
x-bubble-appname
fraud-telegram
x-powered-by
Express
x-bubble-request-took
47
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.098 unit-seconds used
cf-ray
8a34c23949c5baf3-MXP
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
maggregate
telegramfraud.com/elasticsearch/
70 B
649 B
XHR
General
Full URL
https://telegramfraud.com/elasticsearch/maggregate
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2ea19244e232fa0f9ebbdf52acc5d644d89451d1a0325d297e7f01a8047f1e43

Request headers

X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1720994143434x477635142686095400
X-Bubble-Fiber-ID
1720994144206x679283895147544400
X-Bubble-PL
1720994142364x238
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://telegramfraud.com/en
cache-control
no-cache
Referer
https://telegramfraud.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Sun, 14 Jul 2024 21:55:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":20.1,"percents":{"top":{"bubble_cpu":30.3,"block":64,"capacity_rl":0,"other_pause":0,"pre_fiber":5.8},"sub":{"pp_userdb":19.9,"pp_wait_userdb":0,"http_request":0,"serverjson":17.8,"appserver_cache_misses_time":0,"redis":35.3,"fiber_queue":3.3,"capacity_wait":6}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":3,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":15,"fiber_queue":18,"blocks":17},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1913106}}
server
cloudflare
x-bubble-appname
fraud-telegram
x-powered-by
Express
x-bubble-request-took
20
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.029 unit-seconds used
cf-ray
8a34c23969e6baf3-MXP
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
https%3A%2F%2Fac28f1ae4aac704c41592fda08d4ed56.cdn.bubble.io%2Ff1710620967265x818431606343276500%2F5c91dc58-a7dd-4e69-b402-820c20d881c9.webp
d1muf25xaso8hp.cloudfront.net/
25 KB
0
Image
General
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fac28f1ae4aac704c41592fda08d4ed56.cdn.bubble.io%2Ff1710620967265x818431606343276500%2F5c91dc58-a7dd-4e69-b402-820c20d881c9.webp?w=384&h=384&auto=compress&dpr=1&fit=max
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-118.fra56.r.cloudfront.net
Software
imgix /
Resource Hash
9bd0279b23e2566c3cde07f58324401e0c5659a3f61ccf74699780748ae8a3a5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:44 GMT
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C2
age
833889
x-cache
Miss from cloudfront
x-imgix-id
fdaf5b17d8e5edc58a8e6d13499a9f76dedba5b6
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25622
x-served-by
cache-sjc1000091-SJC, cache-fra-eddf8230116-FRA
last-modified
Fri, 05 Jul 2024 06:17:34 GMT
server
imgix
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
pya8bo_XeQo94a1elJFA2S_wNHta3mlJ676X84zclSq-Mnxdo7kXzQ==
97125067
mc.yandex.com/watch/
447 B
661 B
Fetch
General
Full URL
https://mc.yandex.com/watch/97125067?wmode=7&page-url=https%3A%2F%2Ftelegramfraud.com%2Fen&page-ref=https%3A%2F%2Ftelegramfraud.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ait-IT%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A889147338740%3Ahid%3A386333397%3Az%3A120%3Ai%3A20240714235544%3Aet%3A1720994143%3Ac%3A1%3Arn%3A210143131%3Arqn%3A2%3Au%3A1720994139845525914%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C572%2C3%2C109%2C0%2C%2C728%2C0%2C%2C%2C%2C1445%3Aco%3A0%3Acpf%3A1%3Ans%3A1720994141970%3Agi%3AR0ExLjEuMTkzMjY0OTkxMC4xNzIwOTk0MTQx%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720994143%3At%3ARegister%20of%20unreliable%20telegram%20channels%20and%20authors&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(0)cdl(na)eco(21037572)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
91e87088b31e15196bbe6c0c5d78dc20aad1f0bcaf7ad04a771fe7aa85801813
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jul 2024 21:55:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sun, 14-Jul-2024 21:55:44 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://telegramfraud.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
447
x-xss-protection
1; mode=block
expires
Sun, 14-Jul-2024 21:55:44 GMT
https%3A%2F%2Fac28f1ae4aac704c41592fda08d4ed56.cdn.bubble.io%2Ff1713302343040x866466749418657300%2Funited%2520states%2520%25281%2529.png
d1muf25xaso8hp.cloudfront.net/
1 KB
2 KB
Image
General
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fac28f1ae4aac704c41592fda08d4ed56.cdn.bubble.io%2Ff1713302343040x866466749418657300%2Funited%2520states%2520%25281%2529.png?w=24&h=&auto=compress&dpr=1&fit=max
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-118.fra56.r.cloudfront.net
Software
imgix /
Resource Hash
8f5625dc3d6750cd89b3f6c892963a5db13db0015b9c63ef0fc6f9b56445cfed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:45 GMT
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C2
age
0
x-cache
Miss from cloudfront
x-imgix-id
60df38d0c758e0308ba38616d095f5d73c0f3044
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1379
x-served-by
cache-sjc1000116-SJC, cache-fra-etou8220021-FRA
last-modified
Sun, 14 Jul 2024 21:55:45 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
c5cPnKDrbwDYmoi-HiYPFy4LDYkOcTxDoRTbb5V2dN0NnPknGjVnMw==
mget
telegramfraud.com/elasticsearch/
341 B
781 B
XHR
General
Full URL
https://telegramfraud.com/elasticsearch/mget
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
909c4e6ed352d7172ba39b5099d2af7b86c0470ba45732b22937dcb8acb39974

Request headers

X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1720994143434x477635142686095400
X-Bubble-Fiber-ID
1720994144270x753317489932929800
X-Bubble-PL
1720994142364x238
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://telegramfraud.com/en
cache-control
no-cache
Referer
https://telegramfraud.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Sun, 14 Jul 2024 21:55:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":36.8,"percents":{"top":{"bubble_cpu":21.7,"block":55.4,"capacity_rl":0,"other_pause":0,"pre_fiber":17.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":48.4,"appserver_cache_misses_time":0,"redis":52.2,"fiber_queue":15.9,"capacity_wait":3.2}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":5,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":17,"fiber_queue":19,"blocks":18},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1201213}}
server
cloudflare
x-bubble-appname
fraud-telegram
x-powered-by
Express
x-bubble-request-took
36
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.018 unit-seconds used
cf-ray
8a34c239ca85baf3-MXP
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
https%3A%2F%2Fac28f1ae4aac704c41592fda08d4ed56.cdn.bubble.io%2Ff1710624986870x143343342989221700%2F283d0b47-6790-404c-b642-88e2679c11ac.webp
d1muf25xaso8hp.cloudfront.net/
2 KB
0
Image
General
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fac28f1ae4aac704c41592fda08d4ed56.cdn.bubble.io%2Ff1710624986870x143343342989221700%2F283d0b47-6790-404c-b642-88e2679c11ac.webp?w=96&h=96&auto=compress&dpr=1&fit=max
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-118.fra56.r.cloudfront.net
Software
imgix /
Resource Hash
03da4172eecc330846a9d7c056c18a2bb88c49c5ddfd68a60035ec70af715335
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:44 GMT
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C2
age
0
x-cache
Miss from cloudfront
x-imgix-id
aba840b8c3fd66dda385e721fddf3e1bf099daf6
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1981
x-served-by
cache-sjc1000104-SJC, cache-fra-etou8220094-FRA
last-modified
Sun, 14 Jul 2024 21:55:44 GMT
server
imgix
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
FwonGjwI2I6ScOL_Et2F9I3VeIGNjkj5FsPujt6mQblqOtcke19bmA==
metrika_match.html
mc.yandex.com/metrika/ Frame 1038
0
0
Document
General
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash

Request headers

Referer
https://telegramfraud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1048
content-type
text/html
date
Sun, 14 Jul 2024 21:55:42 GMT
etag
"6684fede-418"
expires
Sun, 14 Jul 2024 22:55:42 GMT
last-modified
Wed, 03 Jul 2024 07:33:50 GMT
timing-allow-origin
*
msearch
telegramfraud.com/elasticsearch/
108 KB
28 KB
XHR
General
Full URL
https://telegramfraud.com/elasticsearch/msearch
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7bbfd8f9251d1fc18620188f1f7a941f3885d0be47b62588522b7da734518776

Request headers

X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1720994143434x477635142686095400
X-Bubble-Fiber-ID
1720994144673x587505101652717600
X-Bubble-PL
1720994142364x238
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://telegramfraud.com/en
cache-control
no-cache
Referer
https://telegramfraud.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Sun, 14 Jul 2024 21:55:44 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":42.1,"percents":{"top":{"bubble_cpu":20.5,"block":72.6,"capacity_rl":0,"other_pause":0,"pre_fiber":3.5},"sub":{"pp_userdb":33.3,"pp_wait_userdb":0,"http_request":0,"serverjson":13.8,"appserver_cache_misses_time":0,"redis":31.5,"fiber_queue":2.6,"capacity_wait":3.7}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":16,"fiber_queue":19,"blocks":18},"misc":{"userdb_results":18,"userdb_data":143306,"spent_time":5292748}}
server
cloudflare
x-bubble-appname
fraud-telegram
x-powered-by
Express
x-bubble-request-took
43
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.081 unit-seconds used
cf-ray
8a34c23c4ec0baf3-MXP
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
bulk_watch
telegramfraud.com/elasticsearch/
153 B
719 B
XHR
General
Full URL
https://telegramfraud.com/elasticsearch/bulk_watch
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4eadb6f64e386c63f8f7cab558a6e6a6ac91e0f80dc111e93e6e71751f9c11b3

Request headers

X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1720994143434x477635142686095400
X-Bubble-Fiber-ID
1720994144753x538266048122789440
X-Bubble-PL
1720994142364x238
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://telegramfraud.com/en
cache-control
no-cache
Referer
https://telegramfraud.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Sun, 14 Jul 2024 21:55:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":124.2,"percents":{"top":{"bubble_cpu":8.8,"block":90.5,"capacity_rl":0,"other_pause":0,"pre_fiber":0.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":5.2,"appserver_cache_misses_time":0,"redis":12.7,"fiber_queue":1,"capacity_wait":0.9}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":7,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":23,"fiber_queue":26,"blocks":25},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1634538}}
server
cloudflare
x-bubble-appname
fraud-telegram
x-powered-by
Express
x-bubble-request-took
124
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.025 unit-seconds used
cf-ray
8a34c23ccf52baf3-MXP
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
m
telegramfraud.com/user/
4 B
551 B
XHR
General
Full URL
https://telegramfraud.com/user/m
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

X-Bubble-Fiber-ID
1720994144858x670448494670650400
X-Bubble-PL
1720994142364x238
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://telegramfraud.com/en
cache-control
no-cache
Referer
https://telegramfraud.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Sun, 14 Jul 2024 21:55:45 GMT
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":27.9,"percents":{"top":{"bubble_cpu":21.3,"block":74.9,"capacity_rl":0,"other_pause":0,"pre_fiber":2.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":43.7,"fiber_queue":7.1,"capacity_wait":6.7}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":10,"fiber_queue":13,"blocks":12},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":891784}}
server
cloudflare
x-powered-by
Express
x-bubble-capacity-used
0.014 unit-seconds used
cf-ray
8a34c23d6820baf3-MXP
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
-F63fjptAgt5VM-kVkqdyU8n1isq129k.woff2
fonts.gstatic.com/s/ibmplexmono/v19/
0
0

apm
telegramfraud.com/user/
4 B
587 B
XHR
General
Full URL
https://telegramfraud.com/user/apm
Requested by
Host: telegramfraud.com
URL: https://telegramfraud.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

X-Bubble-Fiber-ID
1720994145591x784245399204585700
X-Bubble-PL
1720994142364x238
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://telegramfraud.com/en
cache-control
no-cache
Referer
https://telegramfraud.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Sun, 14 Jul 2024 21:55:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":35.9,"percents":{"top":{"bubble_cpu":19.4,"block":19.5,"capacity_rl":0,"other_pause":0,"pre_fiber":61.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":14.1,"fiber_queue":1.4,"capacity_wait":3.7}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":10,"fiber_queue":12,"blocks":11},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1043771}}
server
cloudflare
x-bubble-appname
fraud-telegram
x-powered-by
Express
x-bubble-request-took
36
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.016 unit-seconds used
cf-ray
8a34c2423ed0baf3-MXP
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
https%3A%2F%2Fac28f1ae4aac704c41592fda08d4ed56.cdn.bubble.io%2Ff1713302343040x866466749418657300%2Funited%2520states%2520%25281%2529.png
d1muf25xaso8hp.cloudfront.net/
1 KB
0
Image
General
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fac28f1ae4aac704c41592fda08d4ed56.cdn.bubble.io%2Ff1713302343040x866466749418657300%2Funited%2520states%2520%25281%2529.png?w=24&h=&auto=compress&dpr=1&fit=max
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-118.fra56.r.cloudfront.net
Software
imgix /
Resource Hash
8f5625dc3d6750cd89b3f6c892963a5db13db0015b9c63ef0fc6f9b56445cfed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://telegramfraud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 21:55:45 GMT
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C2
age
0
x-cache
Miss from cloudfront
x-imgix-id
60df38d0c758e0308ba38616d095f5d73c0f3044
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1379
x-served-by
cache-sjc1000116-SJC, cache-fra-etou8220021-FRA
last-modified
Sun, 14 Jul 2024 21:55:45 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
c5cPnKDrbwDYmoi-HiYPFy4LDYkOcTxDoRTbb5V2dN0NnPknGjVnMw==

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-64FBLDR671&gtm=45je4790v9180417855za200&_p=1720994140374&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1932649910.1720994141&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1720994141&sct=1&seg=0&dl=https%3A%2F%2Ftelegramfraud.com%2F&dt=%D0%A0%D0%B5%D0%B5%D1%81%D1%82%D1%80%20%D0%BD%D0%B5%D0%B1%D0%BB%D0%B0%D0%B3%D0%BE%D0%BD%D0%B0%D0%B4%D0%B5%D0%B6%D0%BD%D1%8B%D1%85%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D0%BE%D0%B2%20%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D1%80%D0%BE%D0%B2&en=user_engagement&_et=1499&tfd=2705&_z=fetch
Domain
mc.yandex.com
URL
https://mc.yandex.com/webvisor/97125067?wv-part=1&wv-type=7&wmode=0&wv-hit=92232489&page-url=https%3A%2F%2Ftelegramfraud.com%2F&rn=417512918&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1720994140%3Aw%3A1600x1200%3Av%3A1382%3Az%3A120%3Ai%3A20240714235542%3Au%3A1720994139845525914%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Ast%3A1720994140&t=gdpr(14)ti(1)
Domain
mc.yandex.com
URL
https://mc.yandex.com/webvisor/97125067?wv-part=1&wv-type=7&wmode=0&wv-hit=92232489&page-url=https%3A%2F%2Ftelegramfraud.com%2F&rn=417512918&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1720994140%3Aw%3A1600x1200%3Av%3A1382%3Az%3A120%3Ai%3A20240714235542%3Au%3A1720994139845525914%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Ast%3A1720994140&t=gdpr(14)ti(2)
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/ibmplexmono/v19/-F63fjptAgt5VM-kVkqdyU8n1isq129k.woff2

Verdicts & Comments

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| bubble_session_uid
object| headers_source_maps
function| make_proxy
function| appquery
function| Lib
function| load_error_function
object| load_error_log
function| disableLoadErrorFunction
object| _bubble_page_load_data
object| webfont
object| WebFont
function| FontFaceObserver
string| gm_key
string| bubble_page_load_id
string| bubble_plp_token
string| _p
string| bubble_page_name
boolean| google_web_fonts_active
object| fontface_loaded
boolean| all_fontface_loaded
function| $
function| jQuery
string| bubble_bundle_name
function| clearImmediate
function| setImmediate
object| BrowserDetect
function| highlight_dom_changes
function| local_storage_fallback
object| u
object| element_performance_counts
function| kill_notifier_socket
function| restore_notifier_socket
number| server_time_offset
object| client_db
object| safe_require
object| __algolia
object| testing
function| authenticate_as
object| document_ready_key
function| gapListener
function| display_page
function| switch_page
function| Lib_post_load
object| preloaded
number| bubble_version
object| __code__
object| optional_modules
object| plugins
object| bubble_run_derived
function| gtag
object| dataLayer
object| translation_data
object| language_data
string| application_language
object| app
function| everything_ready
function| wait_for_everything
object| feather
function| ym
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal
boolean| plst
number| render_end_timestamp
object| attributes
object| gtag_script
object| Ya
object| yaCounter97125067

24 Cookies


Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
